求一份1panel 给emby反代的配置

user-bdgmfzb2vvf · 2025 年4 月 1 日 12:59

1panel默认的配置可以反代成功但是emby看视频非常卡
网上找了一份nginx的配置文件直接应用到1panel上是无法打开的状态

#PROXY-START/

location ~* \.(gif|png|jpg|css|js|woff|woff2)$

{

    proxy_pass http://ip:port;

    proxy_set_header Host $host;

    proxy_set_header X-Real-IP $remote_addr;

    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_set_header REMOTE-HOST $remote_addr;

    expires 12h;

}

client_max_body_size 5000M;

    proxy_set_header X-Real-IP $remote_addr;

    proxy_set_header X-Forwarded-For '$proxy_add_x_forwarded_for';

    proxy_set_header X-Forwarded-Proto $scheme;

    proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions;

    proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key;

    proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version;

    proxy_cache off;

    proxy_redirect off;

    proxy_buffering off;

location / {

        proxy_pass http://ip:port;

        proxy_set_header X-Forwarded-For $remote_addr;

        proxy_ssl_verify off;

        proxy_http_version 1.1;

        proxy_set_header Host $http_host;

        proxy_set_header Upgrade $http_upgrade;

        proxy_set_header Connection "upgrade";

        proxy_read_timeout 86400;

    }

 

#PROXY-END/

下面是1panel默认的配置文件：

server {
    listen 80 ; 
    listen 443 ssl http2 ; 
    server_name test.com; 
    index index.php index.html index.htm default.php default.htm default.html; 
    proxy_set_header Host $host; 
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
    proxy_set_header X-Forwarded-Host $server_name; 
    proxy_set_header X-Real-IP $remote_addr; 
    proxy_http_version 1.1; 
    proxy_set_header Upgrade $http_upgrade; 
    proxy_set_header Connection $http_connection; 
    access_log /www/sites/test.com/log/access.log main; 
    error_log /www/sites/test.com/log/error.log; 
    location ^~ /.well-known/acme-challenge {
        allow all; 
        root /usr/share/nginx/html; 
    }
    include /www/sites/test.com/proxy/*.conf; 
    if ($scheme = http) {
        return 301 https://$host$request_uri; 
    }
    ssl_certificate /www/sites/test.com/ssl/fullchain.pem; 
    ssl_certificate_key /www/sites/test.com/ssl/privkey.pem; 
    ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1; 
    ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED; 
    ssl_prefer_server_ciphers on; 
    ssl_session_cache shared:SSL:10m; 
    ssl_session_timeout 10m; 
    error_page 497 https://$host$request_uri; 
    proxy_set_header X-Forwarded-Proto https; 
    add_header Strict-Transport-Security "max-age=31536000"; 
}

ZP9611 · 2025 年4 月 2 日 03:30

server {
    listen 80;
    listen 443 ssl http2;
    server_name test.com;
    client_max_body_size 5000M;  # 大文件上传支持
    index index.php index.html index.htm default.php default.htm default.html;

    # 静态资源缓存配置
    location ~* \.(gif|png|jpg|css|js|woff|woff2)$ {
        proxy_pass http://ip:port;  # 替换为实际后端IP和端口
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header REMOTE-HOST $remote_addr;
        expires 12h;  # 缓存12小时
    }

    # 统一代理头配置
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions;
    proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key;
    proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version;

    # WebSocket 长连接支持
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_read_timeout 86400;

    # 性能优化
    proxy_cache off;
    proxy_redirect off;
    proxy_buffering off;

    access_log /www/sites/test.com/log/access.log main;
    error_log /www/sites/test.com/log/error.log;

    location ^~ /.well-known/acme-challenge {
        allow all;
        root /usr/share/nginx/html;
    }

    include /www/sites/test.com/proxy/*.conf;

    if ($scheme = http) {
        return 301 https://$host$request_uri;
    }

    ssl_certificate /www/sites/test.com/ssl/fullchain.pem;
    ssl_certificate_key /www/sites/test.com/ssl/privkey.pem;
    ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
    ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    error_page 497 https://$host$request_uri;
    add_header Strict-Transport-Security "max-age=31536000";
}

试试？